ronbo42 (Guest)
Posted: Sun Jan 02, 2005 2:41 am
Post subject: AD problems NT4 to W2003 upgrade
Hi.
We worked this week to begin upgrading our current domain (MYCOMPANYDOMAIN)
from NT4 to W2003. We have a PDC/Fileserver running WINS and a BDC/Exch 5.5
running DNS and WINS. Secondary DNS is done at a remote site, different
domain.
I got a new machine, installed a fresh copy of NT4, promoted to PDC, took my
old PDC offline and began W2003 upgrade. All went smoothly until the AD wizard
came up. I choose 'Create Domain in New Forest', set the DNS name to
mycompany.com, choose 'interim mode' as I need my BDC running Exch 5.5/DNS
and WINS to remain active and I get an error with DNS diagnostics that says
my ISP DNS can't update. My old NT4 domain used the DNS of my BDC (Exch
5.5/DNS and WINS), so I change my network config to utilize my BDC as Primary
DNS and re-diagnose with an error that my BDC (NT4) doesn't support dynamic
updates. I make an A record on my BDC and still get same results.
I need to push forward, so I change primary DNS in network config back to
ISP, I tell the new W2003 to install DNS and use itself as its primary DNS.
DNS installation hangs forever (half an hour). So I tell it to stop, I'll do
it later, re-boot and my new machine is off MYCOMPANYDOMAIN and my NIC
drivers have been blown away. Logged in locally to my new machine currently.
What did I miss?

Herb Martin (Guest)
Posted: Sun Jan 02, 2005 4:17 pm
Post subject: Re: AD problems NT4 to W2003 upgrade
"ronbo42" <ronbo42@discussions.microsoft.com> wrote in message
news:1A76083E-318A-4BDB-AA92-6F153AE1E195@microsoft.com...
| Quote: | Hi.
We worked this week to begin upgrading our current domain (MYCOMPANYDOMAIN) |
Happy New Year!
| Quote: | from NT4 to W2003. We have a PDC/Fileserver running WINS and a BDC/Exch 5.5
running DNS and WINS. Secondary DNS is done at a remote site, different
domain.
I got a new machine, installed a fresh copy of NT4, promoted to PDC, took my
old PDC offline and began W2003 upgrade. All went smoothly until the AD wizard
came up. I choose 'Create Domain in New Forest', set the DNS name to
mycompany.com, choose 'interim mode' as I need my BDC running Exch 5.5/DNS
and WINS to remain active and I get an error with DNS diagnostics that says
my ISP DNS can't update.
|
Of course, ISP DNS servers are almost never dynamic.
You need to move your internal DNS to your internal
Network. If you are using the same name as the external
domain (mycompany.com) you will have a Primary/Secondary
DNS server outside (at the ISP) and another such
set INSIDE your network.
The internal one will be dynamic. They will NOT
replicate -- this is called "shadow DNS", and although
the books don't mention it, this is really two zones with
the same name (since they don't replicate.)
All external changes to the zone must be manually
duplicated (by you) to the internal DNS, but the dynamic
internal (and presumably private) information will
NOT flow outside to be seen by the world.
| Quote: | My old NT4 domain used the DNS of my BDC (Exch
5.5/DNS and WINS), so I change my network config to utilize my BDC as Primary
DNS and re-diagnose with an error that my BDC (NT4) doesn't support dynamic
updates. I make an A record on my BDC and still get same results.
|
The Primary must be installed on a Win2003 (or 2000) server
for supporting Dynamic updates. The BDC can remain a
secondary as long as its NT4 service pack is up to date.
| Quote: | I need to push forward, so I change primary DNS in network config back to
ISP, I tell the new W2003 to install DNS and use itself as its primary DNS. |
That is actually the PREFERRED in the NIC->IP config
(not Primary which is a technical term.)
Doing so for AD domains, or most networks with internal
DNS, is always wrong.
| Quote: | DNS installation hangs forever (half an hour). So I tell it to stop, I'll do
it later, re-boot and my new machine is off MYCOMPANYDOMAIN and my NIC
drivers have been blown away. Logged in locally to my new machine currently.
What did I miss?
|
DNS for AD
1) Dynamic for the zone supporting AD (cannot run on NT)
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
Restart NetLogon on any DC if you change any of the above that
affects a DC and/or use:
nltest /dsregdns /server:DC-ServerNameGoesHere
Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.
--
Herb Martin
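
The reply above describes two same-named zones that do not replicate, where external changes must be copied inside by hand and internal data must not appear outside. An added example, not part of the original thread: a Python check that compares the two copies and reports external records missing internally, records whose data differs (for review), and RFC 1918 addresses published externally. The simplified "name type value" record format, the sample records and the function names are assumptions.

```python
import ipaddress

# Constructed sample data in a simplified "name type value" form (assumption).
EXTERNAL_ZONE = """
www       A   203.0.113.10
mail      A   203.0.113.25
@         MX  10 mail.mycompany.com.
vpn       A   203.0.113.40   ; added at the ISP, never copied inside
intranet  A   192.168.1.9    ; private host that should not be public
"""
INTERNAL_ZONE = """
www   A   203.0.113.10
mail  A   192.168.1.5        ; internal view of the mail host
@     MX  10 mail.mycompany.com.
dc1   A   192.168.1.2        ; dynamic, internal-only registration
"""
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse(text):
    """Return {(name, type): {values}} from 'name type value' lines."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop comments
        if not line:
            continue
        name, rtype, value = line.split(None, 2)
        key = (name.lower(), rtype.upper())
        records.setdefault(key, set()).add(" ".join(value.lower().split()))
    return records

def audit(external_text, internal_text):
    ext, internal = parse(external_text), parse(internal_text)
    # External records nobody duplicated into the internal zone.
    missing = sorted(k for k in ext if k not in internal)
    # Same name and type, different data: may be intended, needs review.
    differs = sorted(k for k in ext if k in internal and ext[k] != internal[k])
    # Private addresses published in the external copy of the zone.
    leaked = sorted((name, v) for (name, rtype), vals in ext.items()
                    if rtype == "A" for v in vals
                    if any(ipaddress.ip_address(v) in net for net in RFC1918))
    return {"missing_internally": missing, "differs": differs,
            "private_in_external": leaked}

if __name__ == "__main__":
    for finding, items in audit(EXTERNAL_ZONE, INTERNAL_ZONE).items():
        print(finding, items)
```

Internal-only records such as `dc1` are deliberately not reported, since the dynamic internal data is expected to exist only inside.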